Исправлено неверное приведение к типам в параметрах списка id,

fuzegit · fuzegit · commit f79a2e6f5e1c · 2020-03-29T14:06:54.000+03:00
дополнены разные мелочи close #3
diff --git a/clientExamples/instantcms/README.md b/clientExamples/instantcms/README.md
@@ -8,6 +8,9 @@
 
 ## Использование
 
+Заполнить константы api_key, api_point, api_point_execute своими данными.
+Создать директорию /cache/api/. В ней будут кэшироваться ответы.
+
 Вызовы можно осуществлять из любого места кода InstantCMS
 
 Обычные методы
diff --git a/clientExamples/instantcms/api.php b/clientExamples/instantcms/api.php
@@ -191,4 +191,31 @@ public static function getExecute($params, $cacheable = false, $is_upload = fals
         return self::getMethod('execute', ['code' => json_encode($params)], $cacheable, $is_upload, self::getApiExecutePoint());
     }
 
+    public static function arrayToForm($data) {
+
+        $form = new cmsForm();
+
+        $form->addFieldset('', 'basic');
+
+        foreach ($data as $fsets) {
+            foreach ($fsets['fields'] as $field) {
+
+                if($field['name'] == 'csrf_token'){
+                    cmsUser::sessionSet('csrf_token', $field['default']);
+                    continue;
+                }
+
+                $field_class = 'field' . string_to_camel('_',  $field['field_type'] );
+
+                $form->addField('basic',
+                    new $field_class($field['name'], $field)
+                );
+
+            }
+        }
+
+        return $form;
+
+    }
+
 }
diff --git a/package/system/controllers/api/actions/method.php b/package/system/controllers/api/actions/method.php
@@ -177,6 +177,13 @@ public function run($method_name = null){
 
         }
 
+        // проверяем csrf, если включена проверка
+        if(!empty($this->method_action->check_csrf)){
+            if (!cmsForm::validateCSRFToken($this->request->get('csrf_token', ''))){
+                return $this->error(0, LANG_API_ERROR_CSRF_TOKEN);
+            }
+        }
+
         // проверяем sig, если включена проверка
         if(!empty($this->method_action->check_sig)){
             if(!check_sig($this->request->get('sig', ''))){
diff --git a/package/system/controllers/api/api_actions/api_auth_login.php b/package/system/controllers/api/api_actions/api_auth_login.php
@@ -197,10 +197,22 @@ public function validateApiRequest() {
 
     public function run(){
 
+        $is_first_auth = null;
+
+        if(!empty($this->user['id'])){
+            if(cmsUser::getUPS('first_auth', $this->user['id'])){
+                cmsUser::deleteUPS('first_auth', $this->user['id']);
+                $is_first_auth = true;
+            } else {
+                $is_first_auth = false;
+            }
+        }
+
         $this->result = array(
             'wait_2fa'     => $this->wait_2fa,
             '2fa_type'     => $this->twofa_type,
             '2fa_params'   => $this->twofa_params,
+            'is_first_auth' => $is_first_auth,
             'remember_token' => (isset(cmsUser::$auth_token) ? cmsUser::$auth_token : false),
             'session_name' => session_name(),
             'session_id'   => session_id(),
@@ -212,3 +224,4 @@ public function run(){
     }
 
 }
+
diff --git a/package/system/controllers/api/api_actions/api_content_get.php b/package/system/controllers/api/api_actions/api_content_get.php
@@ -66,7 +66,7 @@ class actionContentApiContentGet extends cmsAction {
             )
         ),
         'ids' => array(
-            'default' => 0,
+            'default' => '',
             'rules'   => array(
                 array('regexp', '/^([0-9,]+)$/i')
             )
diff --git a/package/system/controllers/api/api_actions/api_content_get_categories.php b/package/system/controllers/api/api_actions/api_content_get_categories.php
@@ -24,7 +24,7 @@ class actionContentApiContentGetCategories extends cmsAction {
      */
     public $request_params = array(
         'cat_ids' => array(
-            'default' => 0,
+            'default' => '',
             'rules'   => array(
                 array('regexp', '/^([0-9,]+)$/i')
             )
diff --git a/package/system/controllers/api/api_actions/api_content_get_fields.php b/package/system/controllers/api/api_actions/api_content_get_fields.php
@@ -48,7 +48,7 @@ class actionContentApiContentGetFields extends cmsAction {
             )
         ),
         'ids' => array(
-            'default' => 0,
+            'default' => '',
             'rules'   => array(
                 array('regexp', '/^([0-9,]+)$/i')
             )
diff --git a/package/system/controllers/api/api_actions/api_content_get_folders.php b/package/system/controllers/api/api_actions/api_content_get_folders.php
@@ -30,7 +30,7 @@ class actionContentApiContentGetFolders extends cmsAction {
             )
         ),
         'ids' => array(
-            'default' => 0,
+            'default' => '',
             'rules'   => array(
                 array('regexp', '/^([0-9,]+)$/i')
             )
diff --git a/package/system/controllers/api/api_actions/api_content_get_props.php b/package/system/controllers/api/api_actions/api_content_get_props.php
@@ -36,7 +36,7 @@ class actionContentApiContentGetProps extends cmsAction {
             )
         ),
         'ids' => array(
-            'default' => 0,
+            'default' => '',
             'rules'   => array(
                 array('regexp', '/^([0-9,]+)$/i')
             )
diff --git a/package/system/controllers/api/api_actions/api_messages_readed.php b/package/system/controllers/api/api_actions/api_messages_readed.php
@@ -12,7 +12,7 @@ class actionMessagesApiMessagesReaded extends cmsAction {
 
     public $request_params = array(
         'ids' => array(
-            'default' => 0,
+            'default' => '',
             'rules'   => array(
                 array('required'),
                 array('regexp', '/^([0-9]{1}[0-9,]*)$/')
diff --git a/package/system/controllers/api/api_actions/api_widgets_get_widgets.php b/package/system/controllers/api/api_actions/api_widgets_get_widgets.php
@@ -24,7 +24,7 @@ class actionWidgetsApiWidgetsGetWidgets extends cmsAction {
      */
     public $request_params = array(
         'pages_ids' => array(
-            'default' => 0,
+            'default' => '',
             'rules'   => array(
                 array('regexp', '/^([0-9,]+)$/i')
             )
diff --git a/package/system/controllers/api/backend/grids/grid_keys.php b/package/system/controllers/api/backend/grids/grid_keys.php
@@ -46,12 +46,12 @@ function grid_keys($controller){
     $actions = array(
         array(
             'title' => LANG_EDIT,
-            'class' => 'edit tooltip',
+            'class' => 'edit',
             'href'  => href_to($controller->root_url, 'keys_edit', array('{id}'))
         ),
         array(
             'title'   => LANG_DELETE,
-            'class'   => 'delete tooltip',
+            'class'   => 'delete',
             'href'    => href_to($controller->root_url, 'keys_delete', array('{id}')),
             'confirm' => LANG_API_DELETE_CONFIRM
         )
diff --git a/package/system/controllers/api/frontend.php b/package/system/controllers/api/frontend.php
@@ -324,11 +324,13 @@ function form_to_params($form) {
 
             $param['fields'][$field->getName()] = array(
                 'title'    => $field->title,
-                'type'     => isset($field->field_type) ? $field->field_type : $field->class, // совместимость
+                'field_type' => isset($field->field_type) ? $field->field_type : $field->class, // совместимость
+                'type'     => (!empty($field->type) ? $field->type : null),
                 'name'     => $field->getName(),
                 'rules'    => $field->getRules(),
                 'var_type' => $field->var_type,
                 'items'    => (method_exists($field, 'getListItems') ? $field->getListItems() : null),
+                'options'  => (!empty($field->options) ? $field->options : null),
                 'attributes' => (!empty($field->attributes) ? $field->attributes : null),
                 'hint'     => (!empty($field->hint) ? $field->hint : null),
                 'units'    => (!empty($field->units) ? $field->units : null),

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ class actionContentApiContentGet extends cmsAction {`
`66`	`66`	`)`
`67`	`67`	`),`
`68`	`68`	`'ids' => array(`
`69`		`- 'default' => 0,`
	`69`	`+ 'default' => '',`
`70`	`70`	`'rules' => array(`
`71`	`71`	`array('regexp', '/^([0-9,]+)$/i')`
`72`	`72`	`)`
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ class actionContentApiContentGetCategories extends cmsAction {`
`24`	`24`	`*/`
`25`	`25`	`public $request_params = array(`
`26`	`26`	`'cat_ids' => array(`
`27`		`- 'default' => 0,`
	`27`	`+ 'default' => '',`
`28`	`28`	`'rules' => array(`
`29`	`29`	`array('regexp', '/^([0-9,]+)$/i')`
`30`	`30`	`)`
Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,7 @@ class actionContentApiContentGetFields extends cmsAction {`
`48`	`48`	`)`
`49`	`49`	`),`
`50`	`50`	`'ids' => array(`
`51`		`- 'default' => 0,`
	`51`	`+ 'default' => '',`
`52`	`52`	`'rules' => array(`
`53`	`53`	`array('regexp', '/^([0-9,]+)$/i')`
`54`	`54`	`)`
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ class actionContentApiContentGetFolders extends cmsAction {`
`30`	`30`	`)`
`31`	`31`	`),`
`32`	`32`	`'ids' => array(`
`33`		`- 'default' => 0,`
	`33`	`+ 'default' => '',`
`34`	`34`	`'rules' => array(`
`35`	`35`	`array('regexp', '/^([0-9,]+)$/i')`
`36`	`36`	`)`
Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,7 @@ class actionContentApiContentGetProps extends cmsAction {`
`36`	`36`	`)`
`37`	`37`	`),`
`38`	`38`	`'ids' => array(`
`39`		`- 'default' => 0,`
	`39`	`+ 'default' => '',`
`40`	`40`	`'rules' => array(`
`41`	`41`	`array('regexp', '/^([0-9,]+)$/i')`
`42`	`42`	`)`